# A Public-Key Cryptosystem Based on the Word Problem

Conference paper

## Abstract

The undecidable word problem for groups and semigroups is investigated as a basis for a public-key cryptosystem. A specific approach is discussed along with the results of an experimental implementation. This approach does not give a provably secure or practical system, but shows the type of cryptosystem that could be constructed around the word problem. This cryptosystem is randomized, with infinitely many ciphertexts corresponding to each plaintext.

## Keywords

Word Problem; Quotient Group; Special Word; Extra Relator; Undecidable Problem

These keywords were added by machine and not by the authors.


## Copyright information

© Springer-Verlag Berlin Heidelberg 1985